PIX and voice traffic

Answered Question
Apr 27th, 2007
User Badges:

We have a customer that is having some voice quality issues with a branch connected over an internet connection. The voice traffic is being tunneled through a GRE tunnel and then encrypted while being sent over the internet. The encryption is being done firewall to firewall and the GRE tunnels are terminated on routers behind the firewalls.

What are some things that can be done in this configuration to help with the voice quality issues?


Correct Answer by sachinraja about 9 years 12 months ago

Hey chris,


Sorry.. sent you the wrong link.. Too many windows with answers :) so, was a lil confused !!!


correct URL


http://cisco.com/en/US/products/ps6120/products_configuration_example09186a008080dfa7.shtml


lots of other URLs in CCO. let me know if you need any more help on this..


Raj

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
sachinraja Tue, 05/01/2007 - 01:18
User Badges:
  • Red, 2250 points or more

Hello chris,


make sure you enable QOS on the firewall , to enable prioritization before encryption.. here is a URL which talks more about this:


http://www.cisco.com/en/US/partner/products/ps6121/products_configuration_guide_chapter09186a0080623ab4.html


make sure that the qos is end to end.. do l2 qos on the local lan.. but if it goes through internet, u really cannot predict the performance.. there is no guarantee of latency and bandwidth over internet... make sure you take care of this..


Raj

chris.damore Tue, 05/01/2007 - 05:04
User Badges:

I think maybe you sent the wrong link...

Can you verify please?

Thanks so much for the reply.

Chris

chris.damore Tue, 05/01/2007 - 05:50
User Badges:

Here?s the setup for this customer.

WAN router -> PIX -> WAN connection (wireless internet) -> Router running IOS firewall -> WAN router


There is a GRE tunnel setup that terminates on the WAN routers at both locations. The VPN encryption is setup PIX to the router running IOS firewall. Am I correct in thinking QoS would have to be setup on all four of these devices?


Also, what does the inspect skinny and inspect h323 command do?

Thank you very much for all of your help


Actions

This Discussion